Tech firms to define standard for consumer privacy by design
Defining international standards for privacy is critical for the future of global commerce. To support this cause, many of America’s leading companies and government agencies are collaborating to help define the new international standard for ‘Consumer Protection: Privacy by Design.’
The standard will be part of ISO Project Committee 317. As one of 12 countries with Participant status in ISO/PC 317, the United States will be represented by its Technical Advisory Group (TAG), administered by the American National Standards Institute (ANSI) in partnership with the OASIS standards and open source consortium. Members of the U.S. TAG represent America’s leading companies and government agencies committed to privacy rights for consumers.
“ISO/PC 317 will complement the efforts of the European GDPR standard aiming to aid in the prevention of data breaches while giving consumers more control over the use of their data,” said Rik Parker of KPMG, chair of the U.S. TAG to ISO/PC 317. “By being involved from the outset, the U.S. can be sure that this international standard is practical, well-conceived, and adoptable across complex organizations.”
One of the most complex business challenges
“The implementation of data privacy principles and data protection requirements into an organization’s business processes has become one of the most complex business challenges of the 21st century,” said Debra Farber of BigID, vice chair of the U.S TAG to ISO/PC 317. “I consider it a tremendous honor to contribute to the establishment of a global set of regulatory-agnostic guidelines that embed privacy into products and services by design and default.”
“It’s a huge endeavor—but one we have to take on now,” added Aris Gkoulalas-Divanis of IBM Watson Health, vice chair of the U.S. TAG to ISO/PC 317. “Every organization that deals with consumer data is going to be impacted by the standard we produce in ISO/PC 317. State-of-the-art privacy enhancing technologies, including privacy and security controls, should be incorporated into product design to offer end-to-end privacy protection while allowing products to deliver on their intended functionality.”
In addition to the U.S., 11 other countries, including the U.K., China, Canada, and Korea, have a voice in establishing this global standard. The first meeting of ISO/PC 317 will be held in London, Nov 1-2, 2018.
More information on the U.S. TAG to ISO/PC 317 is at: